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REMARKS 

This Application has been carefully reviewed in light of the Final Office Action 
mailed November 7, 2006 ("Office Action"). At the time of the Office Action, Claims 1-71 
were pending and Claims 1-26, 35-41, 50-56, and 65-71 were withdrawn. The Examiner 
rejects Claims 27-34, 42-49, and 57-64. Applicants amend Claims 27, 42, and 57. As 
described below. Applicants believe all claims to be allowable over the cited references. 
Therefore, Applicants respectfully request reconsideration and full allowance of all pending 
claims. 

Claim Objections 

The Examiner rejects Claim 27 due to informalities.^ Specifically, the Examiner 
states that the claim is objected to because "the pre-set list of hostile applications" lacks 
antecedent basis. Applicants have amended Claim 27 to revise the term "the pre-set list of 
hostile applications" to recite "the pre-set list of applications." Antecedent basis for the 
amended claim language may be found in Applicants' step of "providing, on a workstation, a 
pre-set list of applications permitted to run on the workstation . . ." Accordingly, Applicants 
respectfully request that the objections to Claim 27 be withdrawn. 

Section 112 Rejections 

First, the Examiner rejects Claims 27, 42, and 57 under 35 U.S.C. § 112, first 
paragraph, as failing to comply with the written description requirement. Specifically, the 
Examiner states "[t]he phrase 'in response to determining that the unspecified application is 
not identifiable in the pre-set list of hostile applications' is not properly described in the 
application as filed." Without conceding the veracity of the Examiner's rejection of the 
recited claim language. Applicants have amended Claims 27, 42, and to 57 to remove the 
recited claim language. 

Second, the Examiner rejects Claims 27, 42, and 57 under 35 U.S.C. § 112, second 
paragraph, as being indefinite. Specifically, the Examiner states that "[t]he phrases "a pre-set 
list of applications permitted to run on the workstation;" "allowing access ... if the requested 

' In the Final Office Action, the Examiner objects to Claim 1. However, since Claim 1 is cancelled, Applicants 
believe that the Examiner intended to object to Claim 27, 
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computer resources is not on the list . . and "preventing access ... if the requested 
computer resource is on the list . . are not clear on what the metes and bounds of the claims 
are, the claims appear to cover anything and everything that does not prohibit actions from 
occurring." (Final Office Action, page 4). 

Since Applicants believe that it is clear what the metes and bounds of the claims are. 
Applicants traverse this rejection of Claims 27, 42, and 57. For example. Claim 27 recites 
"providing, on a workstation, a pre-set list of applications permitted to run on the workstation 
and a list of one or more computer resources on the workstation to which are not accessible 
to unspecified application." Thus, amended Claim 27 recites both "a pre-set list of 
applications" and "a list of one or more computer resources on the workstation to which are 
not accessible to unspecified applications." Amended Claim 27 further recites that "each of 
the one or more computer resources [is] selected from the group consisting of system files, 
information, equipment, data and memory allocation." When a request for access is received 
from an unspecified application, the method includes "determining that the vmspecified 
application is not identifiable in the pre-set list of applications." The request for access 
"identif[ies] a computer resource ... to which the unspecified application seeks access," and 
further steps in the method of Claim 27 include "determining whether the requested computer 
resource is on the list of one or more computer resources that are not accessible to 
unspecified applications," "allowing access to the requested computer resource if the 
requested computer resource is not on the list of one or more computer resources," and 
"preventing access to the requested computer resource if the requested computer resource is 
on the list of one or more computer resources." Accordingly, Applicants submit that the 
metes and bounds of Claims 27, 42, and 57 are clear and that the claims are in accordance 
with 35 U.S.C. § 1 12, second paragraph. 

For at least these reasons, Applicants respectfully request that the 35 U.S.C. § 112 
rejections be withdrawn. Applicants request reconsideration and allowance of Claims 27, 42, 
57, together with Claims 28-34, 43-49, and 58-64 which depend respectively therefrom. 
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Specification Objections 

The Examiner objects to the amendment filed August 24, 2006 under 35 U.S.C. 
132(a) because it introduces new matter into the disclosure. It the Examiner's position that 
the claim language reciting "in response to determining that the unspecified application is not 
identifiable in the pre-set list of hostile applications" is not supported by the original 
disclosure. Additionally, the Examiner objects to the specification as failing to provide 
proper antecedent basis for the recited claimed language. Without conceding the veracity of 
the Examiner's objection to the Specification, Applicants have amended Claims 27, 42, and 
to 57 to remove the recited claim language. 

Section 103 Rejections 

The Examiner rejects Claims 27-32, 34, 42-47, 49, 57-62, and 64 under 35 U.S.C. 
§ 103(a) as being unpatentable over U.S. Patent No. 6,092,194 issued to Touboul {"ToubouF) 
in view of U.S. Patent No. 5,859,966 issued to Hayman et al. Q'Hayman'"), The Examiner 
rejects Claims 33, 48, and 63 under 35 U.S.C. § 103(a) as being unpatentable over Touboul in 
view Hayman and fiirther in view of U.S. Patent No. 5,987,523 issued to Hind et al. Q'Hind"). 
For the reasons discussed below. Applicants respectfiilly request reconsideration and 
allowance of Claims 27-34, 42-49, and 57-64. 

Independent Claim 27 of the present Application, as amended, recites: 

A method for preventing hostile use of computer resources by an 
application running on a workstation, comprising: 

providing, on a workstation, a pre-set list of applications permitted 
to run on the workstation and a list of one or more computer resources on 
the workstation to which are not accessible to unspecified applications; 

providing a filter on a workstation for receiving intemal requests 
for computer resources resident on the workstation; 

receiving at the filter a request for access generated by an 
unspecified application downloaded to the workstation fi-om a source 
extemal to the workstation, the request for access identifying a computer 
resource resident on the workstation to which the unspecified application 
seeks access; 

determining, by the filter on the workstation, that the unspecified 
application is not identifiable in the pre-set list of applications; 
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determining, by the filter on the workstation, whether the requested 
computer resource is on the list of one or more computer resources that are 
not accessible to unspecified applications; 

allowing access to the requested computer resource if the requested 
computer resource is not on the list of one or more computer resources; 
and 

preventing access to the requested computer resource if the 
requested computer resource is on the list of one or more computer 
resources. 

Thus, Applicant's claim recites "providing, on a workstation ... a list of one or more 
computer resources on the workstation to which are not accessible to unspecified 
applications." Applicant's claim further recites "providing a filter on a workstation for 
receiving internal requests for computer resources resident on the workstation" and 
"receiving at the filter [on the workstation] a request for access . . . identifying a computer 
resource resident on the workstation to which the unspecified application seeks access." 
Finally, Applicant's claim also recites "determining, by the filter on the workstation, that 
the unspecified application is not identifiable in the pre-set list of applications" and 
"determining, by the filter on the workstation, whether the requested computer resource is 
on the list of one or more computer resources that are not accessible to unspecified 
applications." 

In the previous Response to Office Action submitted on August 24, 2006 (^'Previous 
Response""), Applicants argued that Touboul (as reUed upon by the Examiner) does not 
disclose, teach, or suggest "providing, on a workstation, a pre-set Ust of apphcations 
permitted to run on the workstation and a list of one or more computer resources on the 
workstation," Specifically, Applicants noted that Touboul relates to an "internal network 
security system 110 [that] examines Downloadables received from extemal computer 
network 105, and prevents Downloadables deemed suspicious from reaching the internal 
computer network." (Column 3, lines 9-12, emphasis added). Thus, Touboul is a network 
based application designed to prevent hostile Downloadables from breaching the internal 
network. In the Summary of the Invention, Touboul stipulates that the "security policy 
many include a default security policy to be applied regardless of the client to whom the 
Downloadable is addressed, a specific security policy to be applied based on the client or the 
group to which the client belongs, or a specific policy to be applied based on the client/group 
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and on the particular Downloadable received." (Column 1, line 67 through Column 2, line 
5). As shown in Figure 1, which is described as "a block diagram illustrating a network 
security system," the "Intemal Network Security System" is illustrated as being placed 
between the "External Computer Network" and the "Intemal Computer Network." (Column 
2, lines 39-41; Figure 1). Accordingly, the description and figures of Touboul support 
Applicant's contention that Touboul does not disclose, teach, or suggest the performance, "on 
the workstation," of the operations recited above. 

Applicants further submit that these deficiencies are not cured by the disclosure of 
Hayman, As discussed in the Previous Response^ Hayman discloses "a security system for a 
computer system in which specific limitations are imposed on who has access to exactly what 
computer functions and data on the computer system," (Column 1, lines 48-51). 
Accordingly, the Hayman system determines the permissibility of user-requested computer 
functions on a user-by-user basis. The Hayman system is designed to address the problem 
created when "more and more computers become connected together into large computer 
networks, sometimes stretching across the globe." (Column 1, lines 13-17). Accordingly, the 
Hayman system "basically involves breaking up the totality of computer functions into 
required privileges and assigning different privileges to each user depending on the particular 
job which that user is to do on the computer system." (Column 1, lines 57-61)." Thus, 
Hayman also does not disclose, teach, or suggest the particular combination of features and 
operations recited in Applicant's steps of "providing, on a workstation ... a list of one or 
more computer resources on the workstation to which are not accessible to unspecified 
applications," "providing a filter on a workstation for receiving intemal requests for 
computer resources resident on the workstation," "receiving at the filter [on the 
workstation] a request for access . . . identifying a computer resource resident on the 
workstation to which the unspecified application seeks access," "determining, by the filter 
on the workstation, that the unspecified application is not identifiable in the pre-set list of 
applications," and "determining, by the filter on the workstation, whether the requested 
computer resource is on the list of one or more computer resources that are not accessible to 
unspecified applications," as recited in Claim 27. 
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For at least these reasons, Applicants respectfully request reconsideration and 
allowance of Claim 27, together with Claims 28-34 that depend from Claim 27. 

Independent Claims 42 and 57 recite certain features that are analogous to those 
discussed above. For example. Claim 42 recites "a processor on a workstation. . . operable 
to . . . maintain a pre-set list of applications permitted to run on the workstation and a list of 
one or more computer resources on the workstation that are not accessible to any 
unspecified applications." Claim 42 also recites that "in response to a request received from 
the unspecified application," the processor is operable to "determine that the unspecified 
application is not identifiable in the pre-set list of applications and "determine whether a 
requested computer resource is on the list of one or more computer resources on the 
workstation that are not accessible to any unspecified applications." Claim 57 recites logic 
operable when executed to "maintain, on a workstation, a pre-set list of applications 
permitted to run on the workstation and a list of one or more computer resources on the 
workstation to which are not accessible to unspecified applications." The logic is also 
operable to "provide a filter on a workstation for receiving intemal requests for computer 
resources resident on the workstation," "determine, by the filter on the workstation, that the 
unspecified application is not identifiable in the pre-set list of applications permitted to run on 
the workstation" and "determine, by the filter on the workstation, whether the requested 
computer resource is on the list of one or more computer resources that are not accessible to 
unspecified applications." Accordingly, for reasons similar to those discussed above, 
Applicants respectfully submit that the proposed Touboul-Hayman combination does not 
disclose, teach, or suggest each and every limitation of Applicants' Claims 42 and 57. 

For at least these reasons. Applicants respectfully request reconsideration and 
allowance of Claims 42 and 57, together with Claims 43-49 and 58-64 that depend from 
Claims 42 and 57, respectively. 
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CONCLUSION 

Applicants have made an earnest attempt to place this case in condition for allowance. 
For the foregoing reasons, and for other reasons clearly apparent, Applicants respectfully 
request full allowance of all pending claims. 

No fee is believed to be due. However, the Commissioner is hereby authorized to 
charge any fees or credit any overpayment to Deposit Account No. 02-0384 of Baker Botts 
L.L.P. 

If there are matters that can be discussed by telephone to further the prosecution of 
this application. Applicants respectfully request that the Examiner call its attorney at the 
number listed below. 

Respectfully submitted, 
BAKER BOTTS L.L.P, 



Attomeys for Applicants 




(214) 953-6809 

Date: January 4, 2007 

CORRESPONDENCE ADDRESS: 
Customer No. : 05073 
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